RewriteRule cannot see query strings, that is true. So that is why the rule must use a RewriteCond to examine the query string, which it does.

Further, examining THE_REQUEST ensures that you are looking at the actual string sent by the browser, without any URL-decoding of the escaped characters such as "%2f" (which is an encoded "/".

So the first part of that rule is fine, and the only thing I'd add is that you may need to add the [NE] flag to that rule's flags, as well as to any other rule that needs to pass "%" characters unchanged. See mod_rewrite RewriteRule documentation at apache.org for details on the [NE] flag.

Note that the two Options directives may be combined on one line, simply listing all of the arguments separated by spaces.